Penetration Testing mailing list archives

Re: [PEN-TEST] Arp Spoofing under WinNT 4.0

From: Jose Nazario <jose () BIOCSERVER BIOC CWRU EDU>
Date: Wed, 31 Jan 2001 14:34:50 -0500

On Wed, 31 Jan 2001, Fabio Pietrosanti wrote:

On unix there are many tools, but on WinNT 4.0 with WinPcap there are
some tools for "arp spoofing" ?


the obvious suggestion is to use your UN*X laptop/other device to flood
the switch or spoof (via a hub attached to your switched port) the MAC
addr you wish to impersonate.

barring that, look into Net::RawIP and the portability to Win32, or the
eEye port of Libnet to NT.

http://www.eeye.com/html/tools/libnetnt.html

enjoy, and happy hunting.

____________________________
jose nazario                                                 jose () cwru edu
                     PGP: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
                                       PGP key ID 0xFD37F4E5 (pgp.mit.edu)

Current thread:

[PEN-TEST] Arp Spoofing under WinNT 4.0 Fabio Pietrosanti (Jan 31)
- Re: [PEN-TEST] Arp Spoofing under WinNT 4.0 Jose Nazario (Jan 31)
  - Re: [PEN-TEST] Arp Spoofing under WinNT 4.0 m (Jan 31)
  - Re: [PEN-TEST] Arp Spoofing under WinNT 4.0 Shoten (Jan 31)
- <Possible follow-ups>
- Re: [PEN-TEST] Arp Spoofing under WinNT 4.0 Brentlinger, Mike (ISS eServices) (Jan 31)